Paper 2023/598

Threshold Signatures from Inner Product Argument: Succinct, Weighted, and Multi-threshold

Sourav Das, University of Illinois at Urbana-Champaign
Philippe Camacho, Espresso Systems
Zhuolun Xiang, Aptos Labs
Javier Nieto, University of Illinois at Urbana-Champaign
Benedikt Bunz, Espresso Systems
Ling Ren, University of Illinois at Urbana-Champaign

Threshold signatures protect the signing key by sharing it among a group of signers so that an adversary must corrupt a threshold number of signers to be able to forge signatures. Existing threshold signatures with succinct signatures and constant verification times do not work if signers have different weights. Such weighted settings are seeing increasing importance in decentralized systems, especially in the Proof-of-Stake blockchains. This paper presents a new paradigm for threshold signatures for pairing- and discrete logarithm-based cryptosystems. Our scheme has a compact verification key consisting of only 7 group elements, and a signature consisting of 8 group elements. Verifying the signature requires 1 exponentiation and 13 bilinear pairings. Our scheme supports arbitrary weight distributions among signers and arbitrary thresholds. It requires non-interactive preprocessing after a universal powers-of-tau setup. We prove the security of our scheme in the Algebraic Group Model and implement it using golang. Our evaluation shows that our scheme achieves a comparable signature size and verification time to a standard (unweighted) threshold signature. Compared to existing multisignature schemes, our scheme has a much smaller public verification key.

Note: Full version of the ACM CCS paper.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. ACM CCS 2023
Weighted Threshold SignatureInner product argumentsMulti-thresholdEfficiency
Contact author(s)
souravd2 @ illinois edu
philippe @ espressosys com
xiangzhuolun @ gmail com
jmnieto2 @ illinois edu
benedikt @ espressosys com
renling @ illinois edu
2023-09-17: last of 2 revisions
2023-04-27: received
See all versions
Short URL
No rights reserved


      author = {Sourav Das and Philippe Camacho and Zhuolun Xiang and Javier Nieto and Benedikt Bunz and Ling Ren},
      title = {Threshold Signatures from Inner Product Argument: Succinct, Weighted, and Multi-threshold},
      howpublished = {Cryptology ePrint Archive, Paper 2023/598},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.